Monitoring Forefront UAG Management with Microsoft System Center Operations Manager
Configuring the Operations Manager server to allow manual agent deployment on Forefront UAG servers
To configure management server settings for manual agent deployment on the Operations Manager 2007 server
In the Operations console, click Administration.
In the Administration pane, click Settings.
In the Settings pane, expand Type: Server, right-click Security, and then click Properties.
In the Global Management Server Settings - Security dialog box, in the General tab, click Review new manual agent installations in pending management view, and select the Automatically approve new manually installed agents check box, and then click OK.
Create a New Access Rule for Operations Manager
To create a new access rule for remote monitoring of Forefront UAG servers using the Operations Manager agent, perform the following procedure.
To create a new access rule for the Operations Manager agent in Forefront UAG
Click Start, point to All Programs, point to Microsoft Forefront TMG, and then click Forefront TMG Management.
In the console tree, click Firewall Policy.
On the View menu, ensure the Show System Policy Rules menu item is selected.
Right-click the system rule Allow remote monitoring from Forefront TMG to trusted servers, using Microsoft Operations Manager (MOM) Agent, and then clickEdit System Policy.
On the System Policy Editor dialog box, click the To tab, and then in This rule applies to traffic sent to these destinations, click Add.
On the Add Network Entities dialog box, create a new computer entity for the System Center Operations Manager server, and then click Add.
On the System Policy Editor dialog box, click OK.
Click Apply to save changes and update the configuration.
Install the Operations Manager Agent on the Forefront UAG servers
The Operations Manager agent runs on each Forefront UAG server that is monitored by the Operations Manager. The Operations Manager agent is typically installed by starting the Discovery Wizard from the Operations Manager 2007 Administrator Console on the Operations Manager server. Because the Microsoft Firewall service blocks the traffic between the Operations Manager server and the Forefront UAG servers that is needed to install an Operations Manager agent, it is recommend that you install the Operations Manager agent manually on each Forefront UAG server that you want to configure as an Operations Manager agent computer. The following procedures describe how to do this.
To install the Operations Manager agent manually on a Forefront UAG server
On the Forefront UAG server on which you want to install the agent, run SetupOM.exe from the Operations Manager 2007 installation media.
Click Agent to install an agent.
In the Agent Setup Wizard, select the Specify Management Group Information option.
On the Management Group Configuration page, specify the following:
- In the Management Group Name box, type the name of the management group to which the agent will connect.
- In the Management Server Name box, type the fully qualified domain name (FQDN) of the Operations Manager 2007 server.
Select either Local System or specify a domain user account for the agent action account.
Complete the Agent Setup Wizard.
To approve the agent on the Operations Manager server
In the Operations Manager Console, click Administration.
Click Administration, expand Administration, expand Device Management, and then click Pending Management.
In the Pending Management pane, select computers in Type: Manual Agent Install.
Right-click the computers, and then click Approve.
In the Manual Agent Install dialog box, click Approve to display the computers in the Agent Managed node that show they are ready to be managed.
In the Agent Managed node, right-click the computer name of each Forefront UAG server, click Properties, and on the Security tab, select the Allow this agent to act as a proxy and discover managed objects on other computers check box.